tag:www.schneier.com,2015:/blog//2/tag:www.schneier.com,2012:/blog//2.4591-2015-02-17T05:43:23ZComments for Anonymous Claims it Sabotaged Rove Election HackingA blog covering security and security technology.Movable Typetag:www.schneier.com,2012:/blog//2.4591-comment:1016911Comment from Rob on 2012-11-30Rob
Don't forget romneys son Tagg had ownership in the company that supplied the voting machines in Ohio. Coinsidence I don't think so.]]>
2012-12-01T02:05:03Z2012-12-01T02:05:03Ztag:www.schneier.com,2012:/blog//2.4591-comment:1015983Comment from non on 2012-11-30non
So why did BHO tank the first debate?]]>
2012-11-30T14:20:01Z2012-11-30T14:20:01Ztag:www.schneier.com,2012:/blog//2.4591-comment:1014251Comment from stvs on 2012-11-29stvs
Even if Anonymous showed up to harpoon ORCA, it was already a decomposing corpse. Read this amazing account from a technically proficient ORCA volunteer:

Confusion over mobile app download versus web app browser access (!)

https versus http access with no redirect (!)

Last second deployment (!)

Zero training (!)

Nonexistent and/or incorrect instructions (!)

No stress testing or defenses against common attacks (!)

the end result was that 30,000+ of the most active and fired-up volunteers were wandering around confused and frustrated when they could have been doing anything else to help. Like driving people to the polls, phone-banking, walking door-to-door, etc. We lost by fairly small margins in Florida, Virginia, Ohio and Colorado. If this had worked could it have closed the gap? I sure hope not for my sanity's sake.

The real question is why anyone would wish to elect to power a group that has consistently demonstrated breathtaking incompetence.

]]>
2012-11-29T16:44:28Z2012-11-29T16:44:28Ztag:www.schneier.com,2012:/blog//2.4591-comment:1010996Comment from Lisa Johnson on 2012-11-27Lisa Johnson
Just a comment on Anonymous's use of masks and arcane language, Most of the hackers are obviously not American and certainly not native english speakers. The use of the arcane, weird language tends to disguise any "accent" they may have that could clue anyone into where they were from. They also have no reason to think that any evidence given to the American press or authorities would ever see the light of day, thus the reference to Wikileaks.]]>
2012-11-27T06:25:05Z2012-11-27T06:25:05Ztag:www.schneier.com,2012:/blog//2.4591-comment:1010074Comment from paul on 2012-11-26paul
If one were going to hack tabulating software, it would be incredibly mindbogglingly stupid to make the hack depend on some kind of outside trigger. Which doesn't say one thing or the other about the likelihood.]]>
2012-11-26T18:51:02Z2012-11-26T18:51:02Ztag:www.schneier.com,2012:/blog//2.4591-comment:1009019Comment from Zachary Smith on 2012-11-25Zachary Smith
"I would really like to see more evidence, but I doubt there will ever be a real, public investigation."

Of course there won't be any real investigation. Tightly pressing down my tinfoil hat, I see this business with Anonymous as being a CYA thing in case somebody ever blunders into finding out whatever it was that happened. In the unlikely event something or other ever comes out, it can be blamed on those darned hackers. I think that's the reason for planting this story.

IMO there was an operation in place to insure Obama remained in the White House. Barring some kind of unexpected deathbed confessions or the like, I doubt if we'll ever know whether or not 1) Rove was stymied in his own theft attempt or 2) if it was necessary to flip Republican votes to Democratic ones. The point is, Obama won handily as I've predicted since the middle of last year. The whole election in 2012 has been pure political theater. (and on that note, bonus points for those who understand the "why" of the dive BHO took in the first debate)

Electronic voting machines can produce results to match whatever their owners (or hackers) desire, and this year Rove was totally outclassed by people with lots more skill and money.

]]>
2012-11-26T01:50:56Z2012-11-26T01:50:56Ztag:www.schneier.com,2012:/blog//2.4591-comment:1007630Comment from HoustonReal on 2012-11-24HoustonReal
I know this claim sounds suspicious, but it would explain a lot. Romney and Ryan thought they had it in the bag. Were their internal polls really so "unskewed" and off-target, or is that a rationalization to explain their confidence in the face of real polling data? Did they know they had it hacked?

Ohio had funky vote tallies in 2004 that were never explained, with a similarly timed "crash". There was an unapproved software patch that the Ohio Sec. of State installed at the last minute on the vote tabulators that would have been perfect to hack the results.

Rove was certain of a win in Ohio even though the remaining precincts were not GOP strongholds. His timing of the protest of Fox's results was just before the crash/hack was scheduled to kick in. I would really like to see more evidence, but I doubt there will ever be a real, public investigation. If Rove was proven guilty, it might expose other stolen elections in 2002 and 2004, and possibly others. Even Democrats would not want a GOP scandal that would undermine public confidence in the voting system.

]]>
2012-11-25T02:42:42Z2012-11-25T02:42:42Ztag:www.schneier.com,2012:/blog//2.4591-comment:1006412Comment from Tom Coats on 2012-11-24Tom Coats
It has been pointed out that "ORCA" or "GOTV" was terribly bad at its published purpose. That makes me suspicious there was a reason that they spent so much money on it and it was not to "get out the vote".

I would love to see the proof but it will probably take twenty, thirty even fifty years before the final word is published on this.

]]>
2012-11-24T14:38:03Z2012-11-24T14:38:03Ztag:www.schneier.com,2012:/blog//2.4591-comment:1006346Comment from Nate's always right on 2012-11-24Nate's always right
Nate's latest from the NYT on which state was the tipper. Seems that the numbers make fantasy hard to believe:

Immediately after the election, it appeared that Colorado was what we called the “tipping-point state”: the one that gave Mr. Obama his decisive 270th electoral vote once you sort the states in order of most Democratic to least Democratic.

Mr. Obama’s margin in Colorado has expanded to 5.5 percentage points from 4.7 percentage points as more ballots have been counted, however. He now leads there by a wider margin than in Pennsylvania, where his margin is 5.0 percentage points. Neither state has certified its results, so the order could flip again, but if the results hold, then Pennsylvania, not Colorado, will have been the tipping-point state in the election.

Does this suggest that Mr. Romney’s campaign was smart to invest resources in Pennsylvania in the closing days of the campaign? Read more…

This is proof that Rove was firewalled in some manner. The SofS website was operating properly, but Rove could not get to it. There is no other explanation for why he was getting this particular data from the Ohio director.

Really? Rove was at Fox News, which was heavily slammed that day. He had trouble reaching the Ohio SoS website, another heavily slammed location. And "there is no other explanation" than enemy hackers?

That explanation doesn't even make the top 10.

What would those people do? They'd block Ohio's campaign director as well.
This is exactly what happened, Rove said so.
Quoted At 3:50 of the video linked below. "Apparently the website has been crashed, because they can no longer refresh it."
The site was not down, it was firewalled.

Right. Because it isn't possible that on election day the website reporting the votes from one of the states that were key in the last presidential election could possibly be overloaded, nor that the . It must be malevolent hackers.

The most interesting thing about your suggestion isn't that it shows a severe lack of comprehension of what can go wrong on the Internet. It is that your theory doesn't even match what the "Anonymous" hackers claimed to have done.

]]>
2012-11-23T19:04:56Z2012-11-23T19:04:56Ztag:www.schneier.com,2012:/blog//2.4591-comment:1001642Comment from delusional on 2012-11-22delusional
Leaving aside any thought of what Rove intended to do, let's try to find out if any firewall was actually in place.

Assume for a moment that someone had blocked access from Fox studios in NY, to the Ohio Sec of State website. When they tried to use a fox computer, the SoS website would time-out. Fox would still need that data, and some staffer (maybe Rove himself) would quickly figure out the workaround, forwarding data from some non-firewalled computer, to the fox studios.
This is exactly what happened, Rove said so.
Quoted At 1:30 of the video linked below. "... secretary of state website... I have the director of the Ohio campaign for Romney ON THE OTHER END OF THE LINE refreshing the page every few seconds."
This is proof that Rove was firewalled in some manner. The SofS website was operating properly, but Rove could not get to it. There is no other explanation for why he was getting this particular data from the Ohio director.

Moving further, let's imagine that the people who created the firewall had been quite effectively playing games with the Romney campaign's ORCA project all day long. They are laughing as Rove stammers "I'm getting my data from Ohio's campaign director". What would those people do? They'd block Ohio's campaign director as well.
This is exactly what happened, Rove said so.
Quoted At 3:50 of the video linked below. "Apparently the website has been crashed, because they can no longer refresh it."
The site was not down, it was firewalled.

]]>
2012-11-22T17:17:10Z2012-11-22T17:17:10Ztag:www.schneier.com,2012:/blog//2.4591-comment:1000810Comment from TomTrottier on 2012-11-22TomTrottierhttp://Information.Architecture.Abacurial.com
The problem is that elections are pretty easy to rig when you are running the show and build the machines. See http://harpers.org/archive/2012/11/how-to-rig-an-election/

Is it a coincidence that Republicans sell all the voting machines?

]]>
2012-11-22T07:42:28Z2012-11-22T07:42:28Ztag:www.schneier.com,2012:/blog//2.4591-comment:1000292Comment from whims on 2012-11-21whims
Anonymous claims are made in vague but grandiose language about Karl Rove, ORCA, and an evil plots. Funny, perhaps, but how is it news?

I can't tell from the text if it was intended as a prank, satirical performance art, or if it was meant to be taken seriously. Sourced to Anonymous, it could be all three of these.

The Wonkette article doesn't try to claim it was anything but weird and vague. Is anyone reasonable taking it seriously?

]]>
2012-11-22T02:01:25Z2012-11-22T02:01:25Ztag:www.schneier.com,2012:/blog//2.4591-comment:1000141Comment from Leonard Norrgård on 2012-11-21Leonard Norrgårdhttp://twitter.com/vinsci
Trolling? Curious language at the end of this page: http://nealrauhauser.wordpress.com/2012/10/03/compendium-of-trollish-behavior/]]>
2012-11-22T00:16:50Z2012-11-22T00:16:50Ztag:www.schneier.com,2012:/blog//2.4591-comment:999989Comment from Jenny Juno on 2012-11-21Jenny Juno
> There's just too much money. How much intrusion can 100 million buy?

I agree. Something like 6 billion dollars was spent by the two parties on this campaign which means someone thought there was probaly 10x to 100x that on the line. I think it would be naive to assume there wasn't some sort of serious attempt to hack the vote. Where, when and how is the hard part of the question.

> If Anon DOES have evidence

I think it unlikely that they do, or at least this part of Anon is unlikely to have anything. Anon is as much about trolling for LOLs as they are about hacking for freedom and this letter reeks of LOLing.

]]>
2012-11-21T22:39:13Z2012-11-21T22:39:13Ztag:www.schneier.com,2012:/blog//2.4591-comment:999923Comment from The bear in Boulder on 2012-11-21The bear in Boulder
I would hardly say that the Democrats are sore winners. Or did I miss something in the 2004 election? In any case crime is usually predicated on the attempt instead of the success.

I don't think you can make a strong argument on the basis of the size of the results. The "voter ID" law idea of hundreds of thousands of people voting illegally without anyone talking is ludicrous. But the allegations here are that a system briefly failed over to a second server where a bunch of votes were added. That doesn't require many people, esp. if the internal auditing is as bad as it's claimed. It also doesn't require many people to change the firewall rules so that the failover connection is blocked.

]]>
2012-11-21T22:03:51Z2012-11-21T22:03:51Ztag:www.schneier.com,2012:/blog//2.4591-comment:999908Comment from Neil in Chicago on 2012-11-21Neil in Chicago
“Some circumstantial evidence is very strong, as when you find a trout in the milk.”
— Henry David Thoreau
The narrative of the Ohio '04 count does smell, and the externals are easily verifiable.
]]>
2012-11-21T21:56:45Z2012-11-21T21:56:45Ztag:www.schneier.com,2012:/blog//2.4591-comment:999530Comment from BF Skinner on 2012-11-21BF Skinnerhttp://www.eff.org
There's just too much money. How much intrusion can 100 million buy?

If Anon DOES have evidence of an attempt to subvert either the machines or tabulation of the process as they hint. . .they should release it so an example can be made of Rove or any other dirty tricker.

]]>
2012-11-21T18:23:49Z2012-11-21T18:23:49Ztag:www.schneier.com,2012:/blog//2.4591-comment:999384Comment from Floored on 2012-11-21Floored
It's a curious phenomenon when the clear winners of an election fervently and continually accuse the losing side of rigging the vote. While some very disappointed Republicans also accuse liberals of chicanery, it comes nowhere near the steady drumbeat of the Democrat's conspiracy theorist's accusations against the GOP.

It baffles me, and I can only chalk it up to the overall demonization of conservative thought and character by liberal pundits. While there where a few one-offs of stupid election antics (by both sides), it is clear that such actions where by lone wolf organizations or individuals operating without the sanction of the national parties. Does any US citizen really believe a major vote-corruption effort by someone like Rove or Wasserman-Schultz would go undetected? If so, I have a bridge to sell to you.

As for the pseudo-Anonymous press release/article...pure bunk.

]]>
2012-11-21T17:07:08Z2012-11-21T17:07:08Ztag:www.schneier.com,2012:/blog//2.4591-comment:999203Comment from Electric Dragon on 2012-11-21Electric Dragon
I wouldn't call Silver's analysis "totally transparent", seeing as he doesn't release his source code. Sam Wang of election.princeton.edu does (see http://election.princeton.edu/for-fellow-geeks/ ) and his predictions were just as good - in fact his Senate predictions were markedly better than 538's.]]>
2012-11-21T15:05:24Z2012-11-21T15:05:24Ztag:www.schneier.com,2012:/blog//2.4591-comment:999089Comment from Leonard Norrgård on 2012-11-21Leonard Norrgårdhttp://twitter.com/vinsci
Note that it was only in December 2008 that it became known that LBJ privately accused persons close to Nixon of treason - and very few people know about it even today. But here you can listen to LBJ talk about it as it happened, in a phone call recording:

]]>
2012-11-21T13:44:49Z2012-11-21T13:44:49Ztag:www.schneier.com,2012:/blog//2.4591-comment:998906Comment from Autolykos on 2012-11-21Autolykos
Pretty sure it's BS. If they can't even manage to write convincing technobabble, they most certainly don't have the skill to do anything with the election (without help from insiders, at least).]]>
2012-11-21T11:20:26Z2012-11-21T11:20:26Ztag:www.schneier.com,2012:/blog//2.4591-comment:998703Comment from Dirk Praet on 2012-11-21Dirk Praet
@ pfogg

I find it almost inevitable that people who dress up and act based on the themes of a comic book/movie with the drama of high opera would believe they found and revealed/squashed a major conspiracy.

Right on the money. It's about as likely as a gay transvestite running the FBI for 48 years.

]]>
2012-11-21T09:30:12Z2012-11-21T09:30:12Ztag:www.schneier.com,2012:/blog//2.4591-comment:998288Comment from filksinger on 2012-11-20filksinger The history of U. S. presidential elections fraud and treason in the last 50 years is, shall we say, interesting:

It would be, if that piece were even remotely trustworthy. Instead, it took unproven claims, outright false claims, assumptions based upon what may or may not have been mistakes, and questionable activities that may or may not have happened but would probably not have been "treason", or even illegal, even if they did, and declared them to be "treason" and "historical fact".

Is it possible that some of them are fact? Absolutely. Some of them, if true, might even be treason. But even if they are, this article is still biased to the point of worthlessness.

]]>
2012-11-21T04:17:13Z2012-11-21T04:17:13Ztag:www.schneier.com,2012:/blog//2.4591-comment:998268Comment from David Shayer on 2012-11-20David Shayer
Wonkette is hardly a reliable source. It's one step above TMZ. ]]>
2012-11-21T03:55:47Z2012-11-21T03:55:47Ztag:www.schneier.com,2012:/blog//2.4591-comment:998103Comment from Leonard Norrgård on 2012-11-20Leonard Norrgårdhttp://twitter.com/vinsci
The history of U.S. presidential elections fraud and treason in the last 50 years is, shall we say, interesting:

]]>
2012-11-21T01:22:50Z2012-11-21T01:22:50Ztag:www.schneier.com,2012:/blog//2.4591-comment:998061Comment from Dirk Praet on 2012-11-20Dirk Praet
In absence of any formal evidence about what exactly was done and how, we can just as well assume that the entire Anonymous story has been staged by Rove himself in order to to come up with a plausible excuse to his sponsors why Ohio went to Obama: "We were sabotaged by cyber terrorists. Please donate generously so we may push even tougher legislation to regain control over this internet thing."

ORCA is a nice name, though. Reminds me of an old Microsoft utility to transform .msi installers. Too bad for Rove his failed miserably to transform anything whatsoever. I wonder if he's ever considered offering his services to say the Chinese or Iranian government.

]]>
2012-11-21T00:46:41Z2012-11-21T00:46:41Ztag:www.schneier.com,2012:/blog//2.4591-comment:998021Comment from Really on 2012-11-20Really
>I find it almost inevitable that people who
>dress up and act based on the themes
>of a comic book/movie with the drama
>of high opera would believe they found
>and revealed/squashed a major conspiracy.

Brilliant!

]]>
2012-11-21T00:10:13Z2012-11-21T00:10:13Ztag:www.schneier.com,2012:/blog//2.4591-comment:997967Comment from hmm on 2012-11-20hmm
The 'get out to vote' robo call software was used in Canada by the conservatives to call voters in ridings that polls showed they would lose and told the voter either their spot to vote had been changed or gave them the wrong time in order to rig votes. I suspect that's exactly what this orca software was doing since Rove's strategy company was also contracted in Canada.

So Im assuming they blockd the fraudulent robo calling with said 'firewall' though there's scant details

]]>
2012-11-20T23:30:25Z2012-11-20T23:30:25Ztag:www.schneier.com,2012:/blog//2.4591-comment:997921Comment from pfogg on 2012-11-20pfogg
I find it almost inevitable that people who dress up and act based on the themes of a comic book/movie with the drama of high opera would believe they found and revealed/squashed a major conspiracy.

As to the ORCA issues, I would offer the reminder that it's an old aphorism that one should never attribute to malice what can be adequately explained by error (folly, stupidity, incompetence, etc.).

]]>
2012-11-20T22:53:00Z2012-11-20T22:53:00Ztag:www.schneier.com,2012:/blog//2.4591-comment:997864Comment from Eric Thomas Black on 2012-11-20Eric Thomas Black
The whole statement is somewhat out of wack... ORCA was the Romney Campaigns get out the vote software and had nothing to do with Karl Rove or voting machines. ]]>
2012-11-20T22:01:01Z2012-11-20T22:01:01Ztag:www.schneier.com,2012:/blog//2.4591-comment:997851Comment from Stephen on 2012-11-20Stephen
There were plenty of shenanigans leading up to the election that lend some credence to this.

Like the Ohio Secretary of State (a Republican) shoving untested patches onto voting machines in 39 counties the day before the election, in direct violation of state law, and then trying to handwave it all.

And then there was Rove's now-famous meltdown on Fox, like he knew in advance that Ohio was a Romney win and was truly shocked when it was called for Obama.

I'm sure this will all be dismissed as the ramblings of mad conspiracy theorists, but personally I put nothing past this modern Republican Party. After all, they were willing to completely screw Ron Paul and a non-trivial faction of their own party in order to force Romney to be the nominee. Clearly, there is no such thing as "too far" to the GOP elite.

]]>
2012-11-20T21:49:13Z2012-11-20T21:49:13Ztag:www.schneier.com,2012:/blog//2.4591-comment:997808Comment from aikimark on 2012-11-20aikimark
There was a long story about the 2004 election being stolen in Ohio, which was a deciding state in that election.]]>
2012-11-20T21:16:43Z2012-11-20T21:16:43Ztag:www.schneier.com,2012:/blog//2.4591-comment:997773Comment from Daniel Speyer on 2012-11-20Daniel Speyer
Stealing Ohio would make sense. The GOP needed Ohio Florida Virginia AND Colorado. Stealing the insecure states (Ohio and Florida) frees up resources to fight for legitimate wins in the others.

On the other hand, this boast does not look real to me. People who can do that don't write like that.

]]>
2012-11-20T20:51:43Z2012-11-20T20:51:43Ztag:www.schneier.com,2012:/blog//2.4591-comment:997766Comment from surprise? on 2012-11-20surprise?http://fivethirtyeight.blogs.nytimes.com/
Surprise? I don't get it. Only the talking heads on TV seemed to be surprised. Nate Silver had it totally nailed, using a totally transparent statistical analysis.]]>
2012-11-20T20:39:20Z2012-11-20T20:39:20Ztag:www.schneier.com,2012:/blog//2.4591-comment:997758Comment from noble_serf on 2012-11-20noble_serf
Polls were scary accurate -- at least the ones that used real math.

I would assume if a state was swayed or thrown, the evidence would be stark, like in 2000, and the final vote that counted would be 5-4.

]]>
2012-11-20T20:31:50Z2012-11-20T20:31:50Ztag:www.schneier.com,2012:/blog//2.4591-comment:997749Comment from Isaac Rabinovitch on 2012-11-20Isaac Rabinovitch
Additional thought: as much as I dislike Romney and his reality-aversive crew, I have to condemn this. ORCA was a legitimate "get out the vote" effort, and sabotaging it would be a blatant subversion of the democratic process.

The really stupid thing is that the people who designed ORCA did a pretty good job of sabotaging it without any help from A. All A has accomplished (aside from stoking their own pathetic egos) is to provide "evidence" evidence to those who are already insisting that Obama "stole" the election.

]]>
2012-11-20T20:26:34Z2012-11-20T20:26:34Ztag:www.schneier.com,2012:/blog//2.4591-comment:997736Comment from Isaac Rabinovitch on 2012-11-20Isaac Rabinovitch
I share Bruce's skepticism, but he's wrong to dismiss Colorado as an unlikely place for election skulduggery. Every news source I've seen lists it as a battleground state, and both campaigns worked hard to secure it. The fact that it wasn't essential to Obama's victory is only obvious in hindsight.]]>
2012-11-20T20:17:13Z2012-11-20T20:17:13Ztag:www.schneier.com,2012:/blog//2.4591-comment:997734Comment from Leonard Norrgård on 2012-11-20Leonard Norrgårdhttp://twitter.com/vinsci

]]>
2012-11-20T20:13:42Z2012-11-20T20:13:42Ztag:www.schneier.com,2012:/blog//2.4591-comment:997692Comment from Gavitron on 2012-11-20Gavitronhttp://gavitron.com
I think this is a pretty decent explanation of what Orca was 'supposed' to do: http://www.businessinsider.com/romney-project-orca-disaster-2012-11 ]]>
2012-11-20T19:37:33Z2012-11-20T19:37:33Ztag:www.schneier.com,2012:/blog//2.4591-comment:997670Comment from dirk diggler on 2012-11-20dirk diggler
I'd be satisfied even with a decent explanation of what they did instead of 'we set up a firewall between the tubes' and their other very vague descriptions of what supposedly happened. I have no doubt Rove and his cronies tried every shady election misdirection trick in the book like calling voters and telling them their voting area has changed (all the tactics revealed in the book How To Steal an Election by that ex Rove staffer) but this makes no sense.

It would sort of explain why Rove was so incensed with the Ohio results on live TV if he knew there was an organized attempt at voter fraud at hand, if any of these claims by anon are true. Then again Ohio made no difference anyways in the outcome... and for once neither did the Florida clustermess that took a week to figure out.

]]>
2012-11-20T19:17:29Z2012-11-20T19:17:29Ztag:www.schneier.com,2012:/blog//2.4591-comment:997669Comment from Doug D on 2012-11-20Doug D
Probably just some kids claiming credit for something they had nothing to do with. Probably. Hardly unheard of, right?

But, I suppose it'd be a semi-plausible explanation for some of the surprise we witnessed, no?

(I guess the folks who want an explanation for all that surprise now have a choice between "thwarted malice" and "incompetence".)